Why would Wireshark capture only larger sized UDP packets?

asked 2018-08-14 18:23:36 +0000

LLTSOL

updated 2018-08-15 04:47:53 +0000

Jaap

The non-captured packets are definitely getting to their destination and heartbeat packages with a size of 176 bytes are being captured by Wireshark. This is happening on a machine with Windows 10 and on another machine with Windows Vista. I know that these machines used to capture the smaller 68 byte size packages and no capture or display filters are set. Capturing is done with promiscuous mode turned on. Could it be something that WinPcap version 4.1.3 is doing? Or Wireshark v2.6.2?

Comments

This happens with anti-virus and firewalls turned off.

LLTSOL ( 2018-08-14 18:25:49 +0000 )

See what replacing WinPcap with NPcap does on the Windows 10 machine.

Jaap ( 2018-08-15 04:48:39 +0000 )

Using NPcap did not resolve the issue.

LLTSOL ( 2018-08-15 13:47:48 +0000 )

So this is not a capture engine issue. What else changed in the meantime? You might even want to try and go back to the Wireshark version that did work.

Jaap ( 2018-08-15 15:51:10 +0000 )